Pullup ticket #4893 - requested by taca
lang/php70: security fix
Revisions pulled up:
- lang/php/phpversion.mk 1.122
- lang/php70/distinfo 1.3
---
Module Name: pkgsrc
Committed By: taca
Date: Fri Jan 8 03:29:12 UTC 2016
Modified Files:
pkgsrc/lang/php: phpversion.mk
pkgsrc/lang/php70: distinfo
Log Message:
Update php70 to 7.0.2, including security fix.
07 Jan 2016 PHP 7.0.2
- Core:
. Fixed bug #71165 (-DGC_BENCH=1 doesn't work on PHP7).
(y dot uchiyama dot 1015 at gmail dot com)
. Fixed bug #71163 (Segmentation Fault: cleanup_unfinished_calls). (Laruence)
. Fixed bug #71109 (ZEND_MOD_CONFLICTS("xdebug") doesn't work). (Laruence)
. Fixed bug #71092 (Segmentation fault with return type hinting). (Laruence)
. Fixed bug memleak in header_register_callback. (Laruence)
. Fixed bug #71067 (Local object in class method stays in memory for each
call). (Laruence)
. Fixed bug #66909 (configure fails utf8_to_mutf7 test). (Michael Orlitzky)
. Fixed bug #70781 (Extension tests fail on dynamic ext dependency).
(Francois Laupretre)
. Fixed bug #71089 (No check to duplicate zend_extension). (Remi)
. Fixed bug #71086 (Invalid numeric literal parse error within
highlight_string() function). (Nikita)
. Fixed bug #71154 (Incorrect HT iterator invalidation causes iterator reuse).
(Nikita)
. Fixed bug #52355 (Negating zero does not produce negative zero). (Andrea)
. Fixed bug #66179 (var_export() exports float as integer). (Andrea)
. Fixed bug #70804 (Unary add on negative zero produces positive zero).
(Andrea)
- CURL:
. Fixed bug #71144 (Sementation fault when using cURL with ZTS).
(Michael Maroszek, Laruence)
- DBA:
. Fixed key leak with invalid resource. (Laruence)
- Filter:
. Fixed bug #71063 (filter_input(INPUT_ENV, ..) does not work). (Reeze Xia)
- FTP:
. Implemented FR #55651 (Option to ignore the returned FTP PASV address).
(abrender at elitehosts dot com)
- FPM:
. Fixed bug #70755 (fpm_log.c memory leak and buffer overflow). (Stas)
- GD:
. Fixed bug #70976 (Memory Read via gdImageRotateInterpolated Array Index
Out of Bounds). (emmanuel dot law at gmail dot com).
- Mbstring:
. Fixed bug #71066 (mb_send_mail: Program terminated with signal SIGSEGV,
Segmentation fault). (Laruence)
- Opcache:
. Fixed bug #71127 (Define in auto_prepend_file is overwrite). (Laruence)
- PCRE:
. Fixed bug #71178 (preg_replace with arrays creates [0] in replace array
if not already set). (Laruence)
- Readline:
. Fixed bug #71094 (readline_completion_function corrupts static array on
second TAB). (Nikita)
- Session:
. Fixed bug #71122 (Session GC may not remove obsolete session data). (Yasuo)
- SPL:
. Fixed bug #71077 (ReflectionMethod for ArrayObject constructor returns
wrong number of parameters). (Laruence)
. Fixed bug #71153 (Performance Degradation in ArrayIterator with large
arrays). (Nikita)
- Standard:
. Fixed bug #71270 (Heap BufferOver Flow in escapeshell functions).
(emmanuel dot law at gmail dot com)
- WDDX:
. Fixed bug #70661 (Use After Free Vulnerability in WDDX Packet Deserialization).
(taoguangchen at icloud dot com)
. Fixed bug #70741 (Session WDDX Packet Deserialization Type Confusion
Vulnerability). (taoguangchen at icloud dot com)
- XMLRPC
. Fixed bug #70728 (Type Confusion Vulnerability in PHP_to_XMLRPC_worker).
(Julien)
(bsiegert)
diff -r1.119.2.2 -r1.119.2.3 pkgsrc/lang/php/phpversion.mk| @@ -1,14 +1,14 @@ | @@ -1,14 +1,14 @@ | |||
| 1 | # $NetBSD: phpversion.mk,v 1.119.2.2 2016/01/17 19:25:16 bsiegert Exp $ | 1 | # $NetBSD: phpversion.mk,v 1.119.2.3 2016/01/18 20:14:19 bsiegert Exp $ | |
| 2 | # | 2 | # | |
| 3 | # This file selects a PHP version, based on the user's preferences and | 3 | # This file selects a PHP version, based on the user's preferences and | |
| 4 | # the installed packages. It does not add a dependency on the PHP | 4 | # the installed packages. It does not add a dependency on the PHP | |
| 5 | # package. | 5 | # package. | |
| 6 | # | 6 | # | |
| 7 | # === User-settable variables === | 7 | # === User-settable variables === | |
| 8 | # | 8 | # | |
| 9 | # PHP_VERSION_DEFAULT | 9 | # PHP_VERSION_DEFAULT | |
| 10 | # The PHP version to choose when more than one is acceptable to | 10 | # The PHP version to choose when more than one is acceptable to | |
| 11 | # the package. | 11 | # the package. | |
| 12 | # | 12 | # | |
| 13 | # Possible: 55 56 70 | 13 | # Possible: 55 56 70 | |
| 14 | # Default: 55 | 14 | # Default: 55 | |
| @@ -73,27 +73,27 @@ | @@ -73,27 +73,27 @@ | |||
| 73 | # initial release of major version. | 73 | # initial release of major version. | |
| 74 | # | 74 | # | |
| 75 | # Example: lib/php/20090630 | 75 | # Example: lib/php/20090630 | |
| 76 | # | 76 | # | |
| 77 | # Keywords: php | 77 | # Keywords: php | |
| 78 | # | 78 | # | |
| 79 | 79 | |||
| 80 | .if !defined(PHPVERSION_MK) | 80 | .if !defined(PHPVERSION_MK) | |
| 81 | PHPVERSION_MK= defined | 81 | PHPVERSION_MK= defined | |
| 82 | 82 | |||
| 83 | # Define each PHP's version. | 83 | # Define each PHP's version. | |
| 84 | PHP55_VERSION= 5.5.31 | 84 | PHP55_VERSION= 5.5.31 | |
| 85 | PHP56_VERSION= 5.6.17 | 85 | PHP56_VERSION= 5.6.17 | |
| 86 | PHP70_VERSION= 7.0.1 | 86 | PHP70_VERSION= 7.0.2 | |
| 87 | 87 | |||
| 88 | # Define initial release of major version. | 88 | # Define initial release of major version. | |
| 89 | PHP55_RELDATE= 20130620 | 89 | PHP55_RELDATE= 20130620 | |
| 90 | PHP56_RELDATE= 20140828 | 90 | PHP56_RELDATE= 20140828 | |
| 91 | PHP70_RELDATE= 20151203 | 91 | PHP70_RELDATE= 20151203 | |
| 92 | 92 | |||
| 93 | _VARGROUPS+= php | 93 | _VARGROUPS+= php | |
| 94 | _USER_VARS.php= PHP_VERSION_DEFAULT | 94 | _USER_VARS.php= PHP_VERSION_DEFAULT | |
| 95 | _PKG_VARS.php= PHP_VERSIONS_ACCEPTED PHP_VERSION_REQD | 95 | _PKG_VARS.php= PHP_VERSIONS_ACCEPTED PHP_VERSION_REQD | |
| 96 | _SYS_VARS.php= PKG_PHP_VERSION PKG_PHP PHPPKGSRCDIR PHP_PKG_PREFIX \ | 96 | _SYS_VARS.php= PKG_PHP_VERSION PKG_PHP PHPPKGSRCDIR PHP_PKG_PREFIX \ | |
| 97 | PKG_PHP_MAJOR_VERS | 97 | PKG_PHP_MAJOR_VERS | |
| 98 | 98 | |||
| 99 | .include "../../mk/bsd.prefs.mk" | 99 | .include "../../mk/bsd.prefs.mk" |
| @@ -1,19 +1,19 @@ | @@ -1,19 +1,19 @@ | |||
| 1 | $NetBSD: distinfo,v 1.2 2015/12/18 14:58:14 taca Exp $ | 1 | $NetBSD: distinfo,v 1.2.2.1 2016/01/18 20:14:19 bsiegert Exp $ | |
| 2 | 2 | |||
| 3 | SHA1 (php-7.0.1.tar.bz2) = 4555b230a2a418d3166b2385118693c6b9f8c969 | 3 | SHA1 (php-7.0.2.tar.bz2) = 24f6a1f926f5eda8bd8c0a343d3b175378d706bf | |
| 4 | RMD160 (php-7.0.1.tar.bz2) = b05f2612aa9392097be56c7325ecd07fb15e3e79 | 4 | RMD160 (php-7.0.2.tar.bz2) = 8a8acf7b0c4fa8b2c095645203d6a1e5dada27ca | |
| 5 | SHA512 (php-7.0.1.tar.bz2) = 7a157561da7438620d06304e82d459aea843fe89521f11c9e9941afa85f1a8393a98f25f697f22907da2ee79e228f2d27d9a3f9de209a521ad44a1f9a49e57ca | 5 | SHA512 (php-7.0.2.tar.bz2) = 05575617c6b9fb25de1d3963ff6fdb2033c66064d65657598228551119859125d33e91fafb9526d6799e92566d51bbd7c29956f774af6e0a64d7f0098d01cc40 | |
| 6 | Size (php-7.0.1.tar.bz2) = 13987040 bytes | 6 | Size (php-7.0.2.tar.bz2) = 13988573 bytes | |
| 7 | SHA1 (patch-acinclude.m4) = b682280fd89950c082c2226bdb7364b0dc475bad | 7 | SHA1 (patch-acinclude.m4) = b682280fd89950c082c2226bdb7364b0dc475bad | |
| 8 | SHA1 (patch-configure) = 2ef84d463f4eeb35ecc3df82c1aaca8e74f3a276 | 8 | SHA1 (patch-configure) = 2ef84d463f4eeb35ecc3df82c1aaca8e74f3a276 | |
| 9 | SHA1 (patch-ext_gd_config.m4) = a7ec1bd0d876657d4b5e597b9aa1e97c2d2801e3 | 9 | SHA1 (patch-ext_gd_config.m4) = a7ec1bd0d876657d4b5e597b9aa1e97c2d2801e3 | |
| 10 | SHA1 (patch-ext_imap_config.m4) = f4e10ab81697b72019313f63bc630627a08efd92 | 10 | SHA1 (patch-ext_imap_config.m4) = f4e10ab81697b72019313f63bc630627a08efd92 | |
| 11 | SHA1 (patch-ext_opcache_config.m4) = d0dc7dbf2e5fe498cbf03c4514e4efdb6c6d2c4a | 11 | SHA1 (patch-ext_opcache_config.m4) = d0dc7dbf2e5fe498cbf03c4514e4efdb6c6d2c4a | |
| 12 | SHA1 (patch-ext_pdo__mysql_config.m4) = b1ef91be5a729040197e9af50da0f5fd1f6c90a8 | 12 | SHA1 (patch-ext_pdo__mysql_config.m4) = b1ef91be5a729040197e9af50da0f5fd1f6c90a8 | |
| 13 | SHA1 (patch-ext_pdo_config.m4) = 522281775cc0e70a135b1f813158988ef1f3e244 | 13 | SHA1 (patch-ext_pdo_config.m4) = 522281775cc0e70a135b1f813158988ef1f3e244 | |
| 14 | SHA1 (patch-ext_phar_Makefile.frag) = 558869b60f8ed6674a3ba1d595a65f010df4c426 | 14 | SHA1 (patch-ext_phar_Makefile.frag) = 558869b60f8ed6674a3ba1d595a65f010df4c426 | |
| 15 | SHA1 (patch-ext_phar_phar_phar.php) = f630e3946b21b76d4fe857a43e00e25c9445f2c8 | 15 | SHA1 (patch-ext_phar_phar_phar.php) = f630e3946b21b76d4fe857a43e00e25c9445f2c8 | |
| 16 | SHA1 (patch-ext_sqlite3_libsqlite_sqlite3.c) = 8a529a1b3f7c97731f2e719d006f67c3a7259bb5 | 16 | SHA1 (patch-ext_sqlite3_libsqlite_sqlite3.c) = 8a529a1b3f7c97731f2e719d006f67c3a7259bb5 | |
| 17 | SHA1 (patch-ext_standard_basic__functions.c) = f97a2748c7b15fbd9a2d3c21e56079088cc05d56 | 17 | SHA1 (patch-ext_standard_basic__functions.c) = f97a2748c7b15fbd9a2d3c21e56079088cc05d56 | |
| 18 | SHA1 (patch-makedist) = 2ac0e0391c031c4fcf4993e2269cde4c6bfddfd5 | 18 | SHA1 (patch-makedist) = 2ac0e0391c031c4fcf4993e2269cde4c6bfddfd5 | |
| 19 | SHA1 (patch-php.ini-development) = dd65962000ec06439fae3c9bf252fa46be4e33fd | 19 | SHA1 (patch-php.ini-development) = dd65962000ec06439fae3c9bf252fa46be4e33fd |